- From: Rigo Wenning <rigo@w3.org>
- Date: Fri, 01 Jun 2012 17:36:15 +0200
- To: public-tracking@w3.org
- Cc: Vinay Goel <vigoel@adobe.com>, Kimon Zorbas <vp@iabeurope.eu>, David Singer <singer@apple.com>, "Roy T. Fielding" <fielding@gbiv.com>
On Thursday 31 May 2012 17:43:50 Vinay Goel wrote: > Hi Rigo, > > What sort of 'at least' clauses are you thinking of including in the > definition of DNT:0 that can't be handled in the Global Considerations > document? No, because it wouldn't be normative thus can't be endorsed by the authorities. > > While not a perfect analogy, I compare having a user switch from DNT:1 to > DNT:0 to a user opting back in to a specific ad network. The ad networks > that are members of the NAI/DAA offer an opt out, but offering the user > the opportunity to opt back in isn't required by either organization. In > fact, in my experience, about half of the ad networks offer an opt back > in. There are many reasons for this, one being that its easier to ensure > data collected when the user was opted out (when DNT:1), such as for first > party analytics, isn't then used to profile the user now that they are no > longer opted out (when DNT:0). I do NOT talk about a switch in any direction. I talk about a state, not how it has been reached. So my suggestion is not even touching on your issue above. I do not think it will "force" somebody to offer an opt-back-in (or a consent-expression as they are materially the same here). And such a solution does not specify or force the provider to treat the user like those coming with "unset" or those not having opted-out. It just creates a pathway for the Web in a regulatory jungle if (and only if) we get that accepted as an expression of preference of the user. > > I'm hesitant to define DNT:0 because, ultimately, its going to be up to > the websites/companies how to interpret DNT:0 in respect of local laws, > regulations, and system architecture. You're just killing your EU colleages and your EU business. I don't know if you have looked at those local laws. I explained to you above that the harm for the US market from your perspective is 0 and that the benefit for countries with data protection legislation is huge. I said it makes sense in certain types of local laws. And you tell me why we shouldn't fall back entirely on local laws? I have difficulties following your logic here. > I personally agree that users > should be able to opt back in after they've opted out and realized the > Internet isn't as relevant as it use to be. But, if we are going to > require that to be compliant with DNT a company has to offer an opt back > in such that it gives the user the same experience as before they opted > out, we're going to slow down implementation for a lot of > websites/companies. The opt-back-in is a means of expression of a user preference. And a description of DNT;0 is a minimum permission. There is nothing proscriptive here. So why I see your valid concern, I don't think the proposal of defining DNT;0 minima changes anything to that scenario compared to no- dnt;0-definition. Rigo
Received on Friday, 1 June 2012 15:36:47 UTC